1. A method ibr generating asymmetrical cryptokeys at the user's location, in which keys are 
generated, personalized, and certified at a central, particularly secure location, (Trust Center), or, in 
cooperation using \ecure transmission between the user and this Trust Center, at the location of the 
user, 

characterized in that 

a. first, the user is provid^ by the Trust Center with a previously generated, personalized, and 
certified signature key pair QPS, OS), and also components for producing one or more encryption 
key pairs (GEK), 

b. thereupon, a further user's-owAencryption key pair having a public (OVS) and a secret part 
(PVS) is produced by the user, and me public part (OVS) is marked using the assigned secret part 
(PS) of the signature key and the result is transmitted to the Trust Center, 

c. thereupon, the unequivocal assignment Ipkhe user is checked by the Trust Center using the 
certified public part (OS) of the signatureR^Vpalr, 

d. after a successful check of the assignmint^a)new certificate is produced by the Trust Center 
using at least a public part of the signature key^air (OS) or of the encryption key pair (OVS) of the 
user, and finally 

e. this certificate, encrypted using the public part of \^e encryption key pair (OVS) of the user, is 
transmitted by the Trust Center to the user. 

2. The method for generating asymmetrical cryptokeys at the user's location as recited in Claim 1, 
characterized in that the user, in method step a., is additional^ provided with components (GDSK) 
for producing one or more signature key pairs, which, in methoJi step b., are also produced by the 
user, and that the public part (OS2) of this self-generated signature key pair is marked by the user, 
in addition or simultaneously, using the secret part of the signature l^ey pair (PS) received from the 
Trust Center. 

3. The method for generating asymmetrical cryptokeys at the user's location^as recited in Claim 1 
and 2, 
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characterized in that aus^ (AWl) desiring no communication whatsoever with a Trust Center, in 
every bilateral communicatiohs^th another user (AW2), first marks and makes available to the 
latter the public part of his self-genemte^ pair (OVS or OS2) using the secret part of the key 
pair (PS) previously relinquished, personmzed, and certified by the Trust Center, whereupon the 
correct assignment of this information regardin^Ae public part (OVS or OS2) of the key pair self- 
generated by the sending user (AWl) is checked by the"i'€;Qeiving user (AW2) by verifying the 
signature, and the genuineness and validity of the certificate inS^he Trust Center underlying this 
signature can be checked. 
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